gcleaner | ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a | Triage

Submit
Reports

Overview

overview

Static

static

3

ff98008957...7a.exe

windows7-x64

ff98008957...7a.exe

windows10-2004-x64

Sharing

General

Target

ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a
Size

287KB
Sample

240706-a7g2ds1aqr
MD5

ea79075f1e9abca368b88f6ec2be8667
SHA1

0064c59379f5de4f5b5f1de520c5e65e9a700388
SHA256

ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a
SHA512

2d7cc504e1e1ff526b8cdf130f30d347db4701402419f6fa7a9016dff53946788239a000904e049fc530d57346a73b6bdf239c2081f7c5cd5187a062cd161537
SSDEEP

6144:hhInilnQqR6Pi7++q4hix8q2ZgATZ2jHKgDW:hhInilQq5++qSiT2XTIj

Score

10^/10

gcleaner loader

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a.exe

Resource

win7-20240705-en

gcleaner loader

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a.exe

Resource

win10v2004-20240704-en

gcleaner loader

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

gcleaner

C2

185.172.128.90

77.105.160.30

185.172.128.69

Targets

- Target
  
  ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a
- Size
  
  287KB
- MD5
  
  ea79075f1e9abca368b88f6ec2be8667
- SHA1
  
  0064c59379f5de4f5b5f1de520c5e65e9a700388
- SHA256
  
  ff9800895716f576104a1953752d502d42275470dafe7ab102a26231197ecb7a
- SHA512
  
  2d7cc504e1e1ff526b8cdf130f30d347db4701402419f6fa7a9016dff53946788239a000904e049fc530d57346a73b6bdf239c2081f7c5cd5187a062cd161537
- SSDEEP
  
  6144:hhInilnQqR6Pi7++q4hix8q2ZgATZ2jHKgDW:hhInilQq5++qSiT2XTIj
Score

10^/10

gcleaner loader
- GCleaner
  GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.
  loader gcleaner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy